The Schellman Blog

Now that artificial intelligence (AI) has more fully engrained itself into the digital world and economy, it makes sense that the American Institute of Certified Public Accountants (AICPA)—as the organization that sets the most recognized auditing standards in the U.S.—would have an opinion on AI use, particularly in terms of the possibility of related SOC-compliance issues.

The National Institute of Standards and Technology (NIST) has made a significant move in introducing its groundbreaking AI Risk Management Framework (AI RMF). Designed to empower organizations and individuals with comprehensive risk management guidance, the AI RMF aims to create a world where AI can thrive responsibly.

TAMPA, Fla.--(BUSINESS WIRE)--Schellman & Company, LLC, a leading provider of attestation and compliance services and top 50 CPA firm, is pleased to announce the successful carve-out of Cohen & Company's System and Organization Controls (SOC) Practice. In this transaction, Cohen & Company’s SOC practice, including select personnel, will transition to Schellman. This strategic relationship is a testament to the outstanding values and focus on company culture, quality, and client service the two firms mutually share.

If you’ve ever been told by your customers or stakeholders that you need to conduct some kind of external audit to win or keep their business, the first question that likely came to mind was, “How much will that cost?” The initial answer, at least, is that it depends.

Ever seen an Olympic runner trip during their race? They’re on the biggest stage, having done all that work, and then somehow, something goes wrong and their shining moment ends in heartbreak for whatever reason—an errant pebble on the track, accidental tangling with another competitor, too much or too little momentum.

Red teaming is a proactive approach to cybersecurity, where a group of ethical hackers simulates real-world attacks on an organization's systems to identify vulnerabilities and test its defenses. This process helps organizations improve their security posture by revealing weaknesses before malicious actors can exploit them.

If you own a cell phone, you likely know that Apple releases a new version of the iPhone virtually every year. But sometimes, the versions look so similar you wonder what the difference is between models and you have to go digging into the specs of each before you fork over your hard-earned dollars.

The Securities and Exchange Commission's (SEC) final rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure will require buy-in and active preparation from several departments of your organization to accommodate the new requirements.